rpm package
suse/redis&distro=SUSE Linux Enterprise Module for Server Applications 15 SP5
pkg:rpm/suse/redis&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP5
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-31449 | — | < 6.2.6-150400.3.28.1 | 6.2.6-150400.3.28.1 | Oct 7, 2024 | Redis is an open source, in-memory database that persists on disk. An authenticated user may use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potentially lead to remote code execution. The problem exists in all versions of Redis | ||
| CVE-2024-31228 | — | < 6.2.6-150400.3.28.1 | 6.2.6-150400.3.28.1 | Oct 7, 2024 | Redis is an open source, in-memory database that persists on disk. Authenticated users can trigger a denial-of-service by using specially crafted, long string match patterns on supported commands such as `KEYS`, `SCAN`, `PSUBSCRIBE`, `FUNCTION LIST`, `COMMAND LIST` and ACL defini | ||
| CVE-2023-45145 | — | < 6.2.6-150400.3.25.1 | 6.2.6-150400.3.25.1 | Oct 18, 2023 | Redis is an in-memory database that persists on disk. On startup, Redis begins listening on a Unix socket before adjusting its permissions to the user-provided configuration. If a permissive umask(2) is used, this creates a race condition that enables, during a short period of ti | ||
| CVE-2022-24834 | — | < 6.2.6-150400.3.22.1 | 6.2.6-150400.3.22.1 | Jul 13, 2023 | Redis is an in-memory database that persists on disk. A specially crafted Lua script executing in Redis can trigger a heap overflow in the cjson library, and result with heap corruption and potentially remote code execution. The problem exists in all versions of Redis with Lua sc |
- CVE-2024-31449Oct 7, 2024affected < 6.2.6-150400.3.28.1fixed 6.2.6-150400.3.28.1
Redis is an open source, in-memory database that persists on disk. An authenticated user may use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potentially lead to remote code execution. The problem exists in all versions of Redis
- CVE-2024-31228Oct 7, 2024affected < 6.2.6-150400.3.28.1fixed 6.2.6-150400.3.28.1
Redis is an open source, in-memory database that persists on disk. Authenticated users can trigger a denial-of-service by using specially crafted, long string match patterns on supported commands such as `KEYS`, `SCAN`, `PSUBSCRIBE`, `FUNCTION LIST`, `COMMAND LIST` and ACL defini
- CVE-2023-45145Oct 18, 2023affected < 6.2.6-150400.3.25.1fixed 6.2.6-150400.3.25.1
Redis is an in-memory database that persists on disk. On startup, Redis begins listening on a Unix socket before adjusting its permissions to the user-provided configuration. If a permissive umask(2) is used, this creates a race condition that enables, during a short period of ti
- CVE-2022-24834Jul 13, 2023affected < 6.2.6-150400.3.22.1fixed 6.2.6-150400.3.22.1
Redis is an in-memory database that persists on disk. A specially crafted Lua script executing in Redis can trigger a heap overflow in the cjson library, and result with heap corruption and potentially remote code execution. The problem exists in all versions of Redis with Lua sc